Add GitHub action secrets #2
Description
To insert secrets in GitHub Actions tests, follow these steps:
-
Create a secret in your GitHub repository:
- Go to your repository's Settings page
- Click on "Secrets and variables" under the "Security" section
- Select "Actions"
- Click "New repository secret"
- Enter a name for your secret and its value
- Click "Add secret"[3][1]
-
Use the secret in your GitHub Actions workflow:
- In your workflow YAML file, reference the secret using the syntax
${{ secrets.SECRET_NAME }} - You can use secrets as environment variables or inputs for actions[4][3]
- In your workflow YAML file, reference the secret using the syntax
Example usage in a workflow:
steps:
- name: Use secret
env:
MY_SECRET: ${{ secrets.MY_SECRET_NAME }}
run: echo "Using secret: $MY_SECRET"Remember that secrets are encrypted and only exposed to selected actions. They cannot be viewed directly in the GitHub interface once created[3][4].
Best Practices
- Use unique names for secrets
- Avoid storing secrets in your repository code
- Regularly rotate your secrets
- Use environment-specific secrets for different deployment stages[2][3]
By following these steps, you can securely use sensitive information in your GitHub Actions tests without exposing them in your repository code.
Citations:
[1] https://www.paigeniedringhaus.com/blog/use-secret-environment-variables-in-git-hub-actions/
[2] https://gist.github.com/brianjbayer/53ef17e0a15f7d80468d3f3077992ef8
[3] https://kinsta.com/blog/github-actions-secret/
[4] https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions
[5] https://docs.tracetest.io/ci-cd-automation/github-actions-pipeline-with-secrets
To get secrets into your Swift unit test project when using GitHub Actions, follow these steps:
-
Store secrets in GitHub:
- Go to your repository's Settings > Secrets and variables > Actions
- Add new repository secrets with appropriate names and values[1]
-
Use secrets in your GitHub Actions workflow:
- Reference secrets in your workflow YAML file using
${{ secrets.SECRET_NAME }}[1] - Set them as environment variables for your test step
- Reference secrets in your workflow YAML file using
-
Access secrets in your Swift tests:
- Use
ProcessInfo.processInfo.environment["SECRET_NAME"]to read the environment variables in your test code[2]
- Use
Here's an example workflow step that sets up secrets for Swift tests:
- name: Run tests
env:
API_KEY: ${{ secrets.API_KEY }}
API_SECRET: ${{ secrets.API_SECRET }}
run: swift testIn your Swift test files, access the secrets like this:
let apiKey = ProcessInfo.processInfo.environment["API_KEY"] ?? ""
let apiSecret = ProcessInfo.processInfo.environment["API_SECRET"] ?? ""Remember to handle cases where the environment variables might not be set, especially when running tests locally[4].
For local development, you can set environment variables in your Xcode scheme's Test action. Edit the scheme, go to the Test action, and add the environment variables under the "Arguments" tab[6].
Citations:
[1] https://alexanderweiss.dev/blog/2020-12-13-spm-tests-on-github-actions
[2] https://blog.kulman.sk/reading-environment-variables-from-unit-tests/
[3] https://www.fline.dev/hiding-secrets-from-git-in-swiftpm/
[4] https://forums.swift.org/t/how-do-you-know-if-youre-running-unit-tests-when-calling-swift-test/49711
[5] https://stackoverflow.com/questions/72925899/github-actions-detect-if-secret-exists/72926257
[6] https://forums.developer.apple.com/forums/thread/747756
[7] https://github.com/PacktPublishing/Unit-Testing-in-Swift/actions
[8] https://stackoverflow.com/questions/64546360/passing-environment-variables-to-xcuitest
[9] https://www.reddit.com/r/iOSProgramming/comments/jdp29u/why_cant_you_pass_environment_variables_to_a/